Hunting the Stealth Hacker in the Kubernetes Jungle
Let log analysis be the guide for your Kubernetes security safari.
-
We analysed the entire web and found a cybersecurity threat lurking in plain sight
Think you can trust every website? One typo and you could be caught in a phishing trap.
-
CISOs and Senior Leadership at Odds Over Security
Only half of cybersecurity leaders feel their C-suite understands cybersecurity risks, a Trend Micro survey found. Four in five have been told to downplay a potential risk’s severity.
-
GitHub Issues Patch for Critical Exploit in Enterprise Server
The vulnerability affects all GHES versions prior to 3.13.0 and achieves the highest possible CVSS score of 10. Instances with SAML SSO authentication are at risk.
-
VFCFinder Highlights Security Patches in Open Source Software
VFCFinder analyzes commit histories to pinpoint the most likely commits associated with vulnerability fixes.
-
Vulnerabilities for AI and ML Applications are Skyrocketing
In their haste to deploy LLM tools, organizations may overlook crucial security practices. The rise in threats like Remote Code Execution indicates an urgent need to improve security measures in AI development.
-
Number of data breaches falls globally, triples in the US
The Global data breach statistics report comes from Surfshark, which counts every leaked email address used to register for online services as a separate user account.
-
NoaBot: Another Mirai Botnet Strikes at Linux Devices
Akamai's team of security experts has discovered a new cryptomining campaign, dubbed NoaBot, leveraging the SSH protocol to spread its malware.
-
Cyber security isn’t simple, but it could be
The biggest problem is a tendency to ignore problems you can’t see or haven’t looked for, says SecurityHQ
-
Telemarketer goes belly-up after data breach
Sensitive details of charity donors were leaked, and sensitive employee information was also leaked during the attack – including police checks, child support documents, HR incidents, immigration sponsorship details, COVID-19 vaccination credentials, and notably, tax file numbers, passports, and licences.
-
Thousands of Android devices come with unkillable backdoor preinstalled
Somehow, advanced Triada malware was added to devices before reaching resellers.
-
Post-Quantum Resilience for Security Keys
We introduce a hybrid digital signature scheme based on two building blocks: a classically-secure scheme, ECDSA, and a post-quantum secure one, Dilithium. Our hybrid scheme maintains the guarantees of each underlying building block even if the other one is broken, thus being resistant to classical and quantum attacks.
-
So much for CAPTCHA – bots can do them quicker than humans
We, for one, welcome our distorted-letter-recognizing overlords
-
Ukraine takes down massive bot farm, seizes 150,000 SIM cards
Cyber Police Department of the National Police of Ukraine dismantled another massive bot farm linked to more than 100 individuals after searches at almost two dozen locations.
-
GitHub Leverages Passkeys to Enhance User Security
Passkeys, password replacements, have finally come to GitHub in beta.
-
Microsoft on major Outlook and OneDrive outages: We were hacked
In early June, sporadic but serious service disruptions plagued Microsoft’s flagship office suite — including the Outlook email and OneDrive file-sharing apps — and cloud computing platform. A shadowy hacktivist group claimed responsibility, saying it flooded the sites with junk traffic in distributed denial-of-service attacks.
-
Millions of Americans' personal data exposed in global hack
Millions of people in Louisiana and Oregon have had their data compromised in the sprawling cyberattack that has also hit the US federal government, state agencies said late Thursday.
-
Google’s Android and Chrome extensions are a very sad place. Here’s why
No wonder Google is having trouble keeping up with policing its app store. Since Monday, researchers have reported that hundreds of Android apps and Chrome extensions with millions of installs from the company’s official marketplaces have included functions for snooping on user files, manipulating the contents of clipboards, and injecting deliberately unknown code into webpages.
-
Inner workings revealed for “Predator,” the Android malware that exploited 5 0-days
Smartphone malware sold to governments around the world can surreptitiously record voice calls and nearby audio, collect data from apps such as Signal and WhatsApp, and hide apps or prevent them from running upon device reboots, researchers from Cisco’s Talos security team have found.
-
Is cybersecurity an unsolvable problem?
Ars chats with law philosopher Scott Shapiro about his new book, Fancy Bear Goes Phishing. Turing himself showed that perfect cybersecurity is impossible through the proof that he gave. It's easy to extend the proof just to see that among the problems that cannot be solved are finding bugs in computer programs.